Re: kibana version

2015-04-15 Thread chenlin rao 
用Kibana3,或者修改Kibana4里index.js中限制版本的1.4.4为1.4.0。

2015-04-16 1:24 GMT+08:00 vineeth mohan :

> Hi ,
>
> Kibana dont work by itself, you need to install Elasticsearch too.
>
> Thanks
>Vineeth Mohan,
>Elasticsearch consultant,
>qbox.io ( Elasticsearch service provider )
>
>
> On Wed, Apr 15, 2015 at 11:13 AM,  wrote:
>
>> Hello, Folks
>>
>>
>> I did download the newest version Kibana and got following error as
>> starting:
>>
>>
>> Kibana: This version of Kibana requires Elasticsearch 1.4.4 or higher on
>> all nodes. I found the following incompatible nodes in your cluster:
>> Elasticsearch-rtf1.4.0 …...
>>
>>
>> Which vesion Kibana should I install? thank you ~
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "elasticsearch" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to elasticsearch+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/elasticsearch/84ac7c62-a88d-4bbf-b629-edf7959499bf%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/CAGdPd5%3D%3D0R3YEnqwgsW0UM06E6Ohwd2AaZmr1wFJsZWNG8H1Pg%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoojB2JPs%3DMkvcW3Ojiru-t2KPM5_DTdbWk-JCmuWMte%2BYA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

0.54 * 1000 = -8646911284551352000 in script_field?!

2015-04-03 Thread chenlin rao 
$ cat test.sh
curl
1003.es.dip.sina.com.cn:9200/logstash-mweibo-nginx-2015.04.03/v5nginx/_search?q=_id:AUx-QvSBS-dhpiB8_1f1\&pretty
-d '{
"fields": ["request_time"],
"script_fields" : {
"test1" : {
"script" : "doc[\"request_time\"].value"
},
"test2" : {
"script" : "doc[\"request_time\"].value * 1000"
}
}
}'

$ sh test.sh
{
  "took" : 7,
  "timed_out" : false,
  "_shards" : {
"total" : 56,
"successful" : 56,
"failed" : 0
  },
  "hits" : {
"total" : 1,
"max_score" : 1.0,
"hits" : [ {
  "_index" : "logstash-mweibo-nginx-2015.04.03",
  "_type" : "v5nginx",
  "_id" : "AUx-QvSBS-dhpiB8_1f1",
  "_score" : 1.0,
  "fields" : {
"test2" : [ -8646911284551352000 ],
"test1" : [ 4603039107142836552 ],
"request_time" : [ 0.54 ]
  }
} ]
  }
}

WHY?

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoojyVwcf%2BuyG8TuWXEFSwj20L3FFyEKqJVyf8F02oy_4Zw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Is bulk index sending to data nodes better or non-data nodes?

2015-03-16 Thread chenlin rao 
Hello, anyone.
I used to setup some non-data nodes to accept bulk indexing from my
logstash/outputs/elasticsearch(http protocol). But some day I found one
article suggested use client node for searching but data node for bulk
indexing.

So, what's the best practical? Which node should we send bulk to,
master, data, client?

thanks~

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoohg%3Dh0WoC7p%3Do11whbEsBxjpiSXu%2BMVqnKKJYSrq7%3Dscw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: ElasticSearch Website down for quite some days?

2015-03-13 Thread chenlin rao 
There are some .js being blocked in China...

2015-03-14 6:46 GMT+08:00 Jay Swan :

> Try http://elastic.co
>
> Elasticsearch (the company) changed their name to Elastic this week. The
> site redirects for me, but maybe there's something amiss in your browser or
> proxy.
>
> On Friday, March 13, 2015 at 4:16:36 PM UTC-6, liu wei wrote:
>>
>> Starting from beginning of this week, i have trouble access that. Anyone
>> have similar issues?
>> http://www.elasticsearch.org/
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/3b94e2b6-aff8-4d35-bc30-95f8c6077579%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoohL__mj%2BB9ohEddMZjRi20h8rY8n4WtjzUN9DsRA1mjUg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Integration from Kibana 3 to Kibana 4.0

2014-12-02 Thread chenlin rao 
+1
I wrote some own panels too. Really want to know howto quickly port into 
kibana 4.

在 2014年12月2日星期二UTC+8下午5时06分59秒,Georg Seibt写道:
>
> Hello,
> I am new to Elasticsearch and Kibana, but in the last months I developed 
> two visualizations for chord diagrams and hive plots in Kibana 3.
> Now we are thinking about changing to Kibana 4.0.
>
> I created two panels for the visualizations under the folders
> ...\kibana\src\app\panels
> in Kibana 3
>
> The panels have the same structure as other panels, like 'terms' for 
> example. They consist of an editor.html, a modules.html, and a module.js 
> file.
> The module.js file makes a reuqest for the data to elasticsearch and uses 
> a library to create the diagram (I added the libraries in 
> kibana\src\vendor).
>
> I am wondering if and how I can integrate these functionalities to Kibana 
> 4.0? I had a look in the code of Kibana 4.0 and it looks completely 
> different. I assume that I have to change most of the code which makes the 
> request to elasticsearch, but I am hoping to be able to further use the 
> libraries.
>
> Maybe somebody can help me where I would have to integrate the code.
> Thank you in advance,
> Georg
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/4db89a6c-6dc9-4469-b03e-de1f5ea284c5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Is it possible to reference Kibana search via URL?

2014-11-24 Thread chenlin rao 
use templated or scripted dashboards, check:
http://www.elasticsearch.org/guide/en/kibana/current/templated-and-scripted-dashboards.html

2014-11-24 20:48 GMT+08:00 Vagif Abilov :

> Hello,
>
> We have set up ELK stack to store our system log messages. Each operation
> and each error in the system have associated GUID, so in order to find all
> messages related to a certain activity we only need to obtain its
> respective ID or the ID of an error in case activity failed. What we can't
> figure out is how we can make it easy for users to retrieve information
> from Kibana if they have activity or error ID. Kibana Web UI is not REST,
> so it looks like there is no way to control Kibana search via URL,
> something that would be great for us so we could simply embed incident URL
> in error description.
>
> Is there any way to approach such task?
>
> Best regards
>
> Vagif Abilov
> Oslo Norway
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/af9fa981-48d4-4485-b209-8fb4494a6d8c%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoohV4qbhbdqQ0FO7xsPoouWbepJgWsgO-qDpN9WOPRrGAg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: KIBANA: Link with Good Panel overview / explanation?

2014-11-24 Thread chenlin rao 
http://www.elasticsearch.org/guide/en/kibana/current/panels.html

2014-11-24 22:02 GMT+08:00 :

> Dear community,
>
> do you have a LINK with some good overview / explanation with examples of
> the different panels in Kibana?
>
> Thanks for your input!!
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/42a2d657-c5f3-4d99-a8e8-f9874e09730f%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoojMRdaiPEZPM_q3V6p9xr%2B3BH1CG3%3D6At55TSb8gQcDDA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Not analyzed for all field for all Index

2014-11-12 Thread chenlin rao 
set a custom template, you can find example in
logstash/lib/logstash/outputs/elasticsearch/template-elasticsearch.json

2014-11-11 17:46 GMT+08:00 Sang Dang :

> Hi all,
> currently my index will create automatically when a new doc indexed. so I
> couldn't use CreateMapping request to set mapping property.
> I would like to know whether i could set it by default for store only bc i
> really need to increase my indexing perfomance (expect 1M req/sec)
>
> P/S if there is any tips for improve indexing throughput, please share me,
> thanks :)
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/d424fe6a-06ea-4e74-af60-a219b62c98f6%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoogSqJbTKrgHXNzYYWvQjYmDK3RVjLFCz22Xe0wjo8zyyg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: ELK stack and monitoring/alerting

2014-11-08 Thread chenlin rao 
You can do some simple alert in kibana. I'd try to use HTML5 notification
API to show alert on my big screen.
https://github.com/chenryn/kibana-authorization#histogram-threshold-notification

2014-11-08 5:02 GMT+08:00 Jay Swan :

> As Mark says, there's nothing built in. Approaches that I've read about
> for bolting alerting onto ELK:
>
> 1) Use Logstash to output to some other alerting pipeline, such as: email,
> Nagios, Riemann.
> 2) Write a cron job / scheduled task to run Elasticsearch queries
> periodically and take action based on the results. This is not part of
> Logstash or Kibana; you need to write it yourself. I believe the MozDef
> project has some code to do this: https://github.com/jeffbryner/MozDef.
> 3) Write your own indexer that makes use of Elasticsearch percolators.
> Percolators allow you to match indexed queries against new indexed
> documents, which is kind of like alerting. Again, you'd need to write it
> yourself.
>
>
>
> On Friday, November 7, 2014 9:48:41 AM UTC-7, Wish wrote:
>>
>> I am new to ELK stack. I guess, I understand ELK can be used for log
>> management. You can view the details on dash board using kibana etc.
>>
>> however, one question, can we have an alerting system as an extension of
>> ELK stack ?
>>
>  --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/9a5f17eb-0e2b-40ef-b668-45c5598accf6%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsooj6wvpc9wLhE44h1p4aOpngNxJ80_o38ezCeh0AZLv7Ag%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: How can I define a Username and password for login?

2014-09-26 Thread chenlin rao 
I implement a kbnauth in my `https://github.com/chenryn/kibana`. May anyone
give a try?

2014-09-26 19:49 GMT+08:00 vineeth mohan :

> Hello ,
>
> ELK stack doesn't give inherent support for this , but then there are a
> couple of open source projects you can use.
> https://github.com/fangli/kibana-authentication-proxy works fine for me.
>
> Or else a solution based on Nginx will also work good.
>
> Thanks
> Vineeth
>
> On Fri, Sep 26, 2014 at 5:14 PM,  wrote:
>
>> Hello Members.
>> How are you?
>> I use Elastecsearch+Kibana+Nginx+Logstach for record windows Logs and I
>> want to know how can I define an account for browse Kibana? by default any
>> user that enter my Log server address in Browser, Can see my Log server.
>>
>>
>> Thank you and Good luck.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "elasticsearch" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to elasticsearch+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/elasticsearch/96b56457-3aa5-47a1-9d3f-5ccc9374afca%40googlegroups.com
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/CAGdPd5nay2TemAgccmDSa4Se7XgRq%3DsWzDjcob-nZf%2ByHPAE%3Dw%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoohKCcq6Q8G4_jWU8rWXbPqepgLTOmx5eEx%2BtUdtRB8XKw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: restore data on disk

2014-08-15 Thread chenlin rao 
check the elasticsearch.log for more informations. BTW: you can join QQ
group: 315428175, many chinese elk users there.


2014-08-16 0:06 GMT+08:00 Yuheng Du :

> typo: the second image shows the directory
> at  '$ES_Home/data/elasticsearch/nodes/1/indices/'
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/32f31d9c-d36d-4a4c-b39f-72d9fe527a62%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsooj0AG_ZTrpx9TN_V7njZyqwTgOMhspFmgigVv%3DpJzmcKw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Aggregation

2014-08-15 Thread chenlin rao 
What's your `deviceId` mapping type? Make sure it's a number as using in
percentile aggregation.


2014-08-15 23:49 GMT+08:00 Yuheng Du :

>
> I am using:
>
>
> 
> and I got the following errors:
>
>
> 
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> can anyone tell me what is going wrong?
>
> Thanks!
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/13b34421-fa99-4de4-ab11-15aac1dfff65%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CABwsoohkLx1mqmpRoo7WSo6r6HVouY83dLhWwRqGh80vPQZvNg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.